diff --git a/CHANGELOG.md b/CHANGELOG.md index 0579dc4833a697520001b6befab794dbf6dce2d5..46157a0218e440837f94ed7aea2a42243c477ed3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## [7.3.2](https://gitlab.com/to-be-continuous/python/compare/7.3.1...7.3.2) (2024-11-02) + + +### Bug Fixes + +* limit security reports access to developer role or higher ([40c85ef](https://gitlab.com/to-be-continuous/python/commit/40c85eff562a00ceb9b381ef72472ce1910b97ab)) + ## [7.3.1](https://gitlab.com/to-be-continuous/python/compare/7.3.0...7.3.1) (2024-10-25) diff --git a/README.md b/README.md index 2de10dc1040579b0cb671df31576f987d8c66c9c..4af1d8947a2f63272c82dc6af2ecc428092284fb 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ Add the following to your `.gitlab-ci.yml`: ```yaml include: # 1: include the component - - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1 + - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2 # 2: set/override component inputs inputs: image: registry.hub.docker.com/library/python:3.12-slim @@ -29,7 +29,7 @@ Add the following to your `.gitlab-ci.yml`: include: # 1: include the template - project: 'to-be-continuous/python' - ref: '7.3.1' + ref: '7.3.2' file: '/templates/gitlab-ci-python.yml' variables: @@ -521,9 +521,9 @@ With: ```yaml include: # main component - - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1 + - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2 # Vault variant - - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-vault@7.3.1 + - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-vault@7.3.2 inputs: vault-base-url: "https://vault.acme.host/v1" # audience claim for JWT @@ -563,13 +563,13 @@ The variant requires the additional configuration parameters: ```yaml include: - - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1 + - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2 # 2: set/override component inputs inputs: image: registry.hub.docker.com/library/python:3.12-slim pytest-enabled: true - - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-gcp@7.3.1 + - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-gcp@7.3.2 inputs: # common OIDC config for non-prod envs gcp-oidc-provider: "projects/<gcp_nonprod_proj_id>/locations/global/workloadIdentityPools/<pool_id>/providers/<provider_id>" diff --git a/templates/gitlab-ci-python-gcp.yml b/templates/gitlab-ci-python-gcp.yml index e22511b060a2a11c904cd54e23f62b1961a36245..43d02cb25653f0cf490b26cfc60a0c6f2db4215c 100644 --- a/templates/gitlab-ci-python-gcp.yml +++ b/templates/gitlab-ci-python-gcp.yml @@ -44,7 +44,7 @@ variables: image: $PYTHON_IMAGE services: - name: "$TBC_TRACKING_IMAGE" - command: ["--service", "python", "7.3.1"] + command: ["--service", "python", "7.3.2"] variables: GCP_JWT: $GCP_JWT before_script: diff --git a/templates/gitlab-ci-python-vault.yml b/templates/gitlab-ci-python-vault.yml index 81e875625d168fc5da7240ae9a75fa58a0843110..29148e74dafd7b350731d62f8f99bbf0bf3559c2 100644 --- a/templates/gitlab-ci-python-vault.yml +++ b/templates/gitlab-ci-python-vault.yml @@ -22,7 +22,7 @@ variables: .python-base: services: - name: "$TBC_TRACKING_IMAGE" - command: ["--service", "python", "7.3.1"] + command: ["--service", "python", "7.3.2"] - name: "$TBC_VAULT_IMAGE" alias: "vault-secrets-provider" variables: diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml index 93dad4ebfe471977c8203d6fe537fc169512bc2c..fad409612f7aeb2296f66d565cffc42ad04c6b34 100644 --- a/templates/gitlab-ci-python.yml +++ b/templates/gitlab-ci-python.yml @@ -960,7 +960,7 @@ stages: image: $PYTHON_IMAGE services: - name: "$TBC_TRACKING_IMAGE" - command: ["--service", "python", "7.3.1"] + command: ["--service", "python", "7.3.2"] variables: # set local cache dir; most Python tools honour XDG specs XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache"